vulnerability

Rocky Linux: CVE-2022-23833: Satellite 6.11 Release (RLSA-2022-5498)

Try Surface Command

Back to search

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:N/A:P)

Published

Feb 3, 2022

Added

Mar 12, 2024

Modified

Mar 31, 2026

Description

An issue was discovered in MultiPartParser in Django 2.2 before 2.2.27, 3.2 before 3.2.12, and 4.0 before 4.0.2. Passing certain inputs to multipart forms could result in an infinite loop when parsing files.

Solutions

rocky-upgrade-libdb-cxxrocky-upgrade-libdb-cxx-debuginforocky-upgrade-libdb-debuginforocky-upgrade-libdb-debugsourcerocky-upgrade-libdb-sql-debuginforocky-upgrade-libdb-sql-devel-debuginforocky-upgrade-libdb-utils-debuginfo

References

CVE-2022-23833
https://attackerkb.com/topics/CVE-2022-23833
CWE-835
EUVD-EUVD-2022-0090
https://errata.rockylinux.org/RLSA-2022:5498
https://euvd.enisa.europa.eu/vulnerability/EUVD-2022-0090

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report